CSEC_PUBLIC/How-To-Secure-A-Linux-Server
1
0
Fork 0
mirror of https://github.com/imthenachoman/How-To-Secure-A-Linux-Server.git synced 2025-12-06 01:02:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
IMTheNachoMan
2019-02-10 23:02:03 -05:00
committed by GitHub
parent 4888513999
commit 7aa85ec629
1 changed files with 2 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@@ -316,8 +316,6 @@ When and if other accounts need access to a file/folder, you want to explicitly
Changing the default `umask` can create unexpected problems. For example, if you set `umask` to `0077` for **root**, then **non-root** accounts **will not** have access to application configuration files/folders in `/etc/` which could break applications.
**USE WITH CAUTION.**
#### Goals
- set default `umask` for **non-root** accounts to **0027**
@@ -361,7 +359,7 @@ Changing the default `umask` can create unexpected problems. For example, if you
echo -e "\nUMASK 0027 # added by $(whoami) on $(date +"%Y-%m-%d @ %H:%M:%S")" | sudo tee -a /etc/login.defs
```
1. [**USE WITH CAUTION.**](#umask-root) -- Set default `umask` for the **root** account to **0077** by **adding** this line to `/root/.bashrc`:
1. [**!! USE WITH CAUTION !!**](#umask-root) -- Set default `umask` for the **root** account to **0077** by **adding** this line to `/root/.bashrc`:
```
umask 0077
@@ -514,7 +512,7 @@ An alternative to locking the **root** acount is set a long/complicated **root**
#### Steps
1. [**USE WITH CAUTION**](#root-password-disable) -- Lock the **root** account:
1. [**!! USE WITH CAUTION !!**](#root-password-disable) -- Lock the **root** account:
``` bash
sudo passwd -l root